IT disaster recovery, cloud computing and information security news

Survey highlights overconfidence and lack of preparedness for cyber incidents

SolarWinds MSP has published survey findings outlining the preparedness of UK and US businesses in dealing with cybersecurity breaches. The report reveals that businesses are ‘gravely optimistic’ about their ability to deter and cope with malicious attacks despite the majority experiencing a breach over the last year and nearly a quarter experiencing more than 10.

SolarWinds says that “the potent combination of this lack of preparedness, the frequency of breaches, and the potential commercial impact of each one, heightens the risk of an ‘extinction event’ i.e., a massive business failure correlating to the breach.”

However, 71 percent of the same respondents said they have experienced a breach in the last 12 months. Of the businesses that have been breached and could identify an immediately traceable impact, 77 percent revealed that they had suffered a tangible loss, such as monetary impact, operational downtime, legal actions, or the loss of a customer or partner.

Commenting, John Pagliuca, SolarWinds MSP general manager, said, “Our findings underscore the problems that contributed to the ‘WannaCry’ ransomware’s ability to cause so much damage around the globe. These results beg the question, ‘How can IT leaders feel so prepared yet still be exposed?’ One of the main reasons is that people are confusing IT security with cyber security. The former is what companies are talking about when they think about readiness. However, what they often don’t realize is that cyber security protection requires a multi-pronged, layered approach to security that involves prevention, protection, detection, remediation, and the ability to restore data and systems quickly and efficiently. The overconfidence and failure to deploy adequate cyber security technologies and techniques at each layer of a company’s cybersecurity strategy could be fatal.”

SolarWinds has investigated why this overconfidence is occurring and identified seven basic faults:

Inconsistency in enforcing security policies

Negligence in the approach to user security awareness training

Shortsightedness in the application of cybersecurity technologies

Complacency around vulnerability reporting

Inflexibility in adapting processes and approach after a breach

Stagnation in the application of key prevention techniques

Lethargy around detection and response.

The full report, entitled ‘2017 Survey Results: Cybersecurity: Can Overconfidence Lead to an Extinction Event? A SolarWinds MSP Report on Cybersecurity Readiness for U.K. and U.S. Businesses’ is available here .

Want news and features emailed to you?

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.